Amazon Cloud Drive Security Concerns
What is the Amazon Cloud Drive?
Cloud Drive is Amazon’s new online storage service which provides management and retrieval of files you upload from any device that has access to your Amazon account. Amazon provides 5GB of storage for free, with upgrade options currently priced at $1/year per gigabyte. Amazon has bunded this launch with their Cloud Player, an app created for web browsers and Android powered phones that allows you to stream mp3s uploaded to your Cloud Drive account.
A free 5GB account will likely encourage less tech savvy users to sign up immediately, overlooking Amazon’s current account security practices.
In its current state, I think the Cloud Drive is perfect for storing non-personal data, especially music and video. Since Amazon bundled the media player with the launch of Cloud Drive, it shows their initial intentions. However, Amazon does not clearly warn users against storing personal files. Throughout Amazon’s marketing copy, they describe their product as secure.
With Amazon’s current account security, anyone who has your email and password can access your Amazon account. Your initial reaction may be “DUH – If someone has my username and password, of course they can access my account.” However, when it comes to online accounts that provide sensitive information, a form of two-factor authentication should be a requirement.
What is two-factor authentication?
Two-factor authentication is what you experience with online banking, and Google’s recent changes to account security. Two-factor means two independent methods of confirming the authenticity of the person logging in. With most online banking services, entering your password is only the first step. If the bank does not recognize the computer you’re logging in from, they may require a second step of authentication. This second step is commonly done with a unique and temporary security code that is either sent to your email address on file, or as a text message to your mobile phone. The user then has to enter this unique code to confirm their identity.
Good Security Practices
The level of security needed is only as necessary as the type of information being secured. If you don’t plan on storing personal, sensitive information in your Cloud Drive, then Amazon’s lack of two-factor authentication shouldn’t be a concern. The same rule applies to any online service. Before storing or accessing information online, be it Facebook, email, or online storage, think about how sensitive the information is that is being stored. How devastating would it be if someone gained unauthorized access to the given account? Thinking through these questions is the first step in maintaining a secure online presence.
Additional Security Concerns
- JR Raphael shares his concerns regarding Amazon’s rights to your data, based on the Terms & Conditions.